<?php
/***************************************************************************/
/* SPD Nast�tten                                                           */
/* ===========                                                             */
/*                                                                         */
/* Copyright (c) 2006-2007 by Lukas Schreiner, Pascal Villmann             */
/* For more information visit: http://spd.pascalvillmann.g2host.de         */
/* Or for the ToDo List of the Project: http://luksch.freeprojekt.de/pToDo */
/*                                                                         */
/* This program is free software. You can redistribute it and/or modify    */
/* it under the terms of the GNU General Public License as published by    */
/* the Free Software Foundation; either version 0.2 of the License.        */
/***************************************************************************/
//Konfigurations-Sicherheits-Key
$config_secure_key_client = "S?a58tM!}J3gb&Z6E9{pk*Q2H1=o_Pr4Td0-7W/qCx7n2+AYf5%8?iB%zL0";
//Konfigurationsdateien einf�gen
require_once('./system/settings.inc.php');
//Markierung und Unterlinks
$home_section = "portal.php";
$home_section2 = "portal_new_protocol.php";
$section = "intern.php";
//Administratorbereich nur ausgeben, wenn Session authentifiziert ist
//�berpr�fen ob "typid" existiert, wenn nicht, auf 0 setzen
if(!isset($_SESSION['typid'])) $_SESSION['typid'] = '0';
if(isset($_SESSION['auth']) && $_SESSION['typid'] > 0 && $_SESSION['timeout']>time()){
if(isset($_SESSION['rights']) && substr_count($_SESSION['rights'], ',3,') > 0 && substr_count($_SESSION['rights'], ',1,') > 0){
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<?php
include('./layout/head_meta.inc.php');
?>
  <style>
<!--
		.text { font-family: Verdana,Arial,Helvetica,sans-serif; font-size: 12px;}
		.bild-text {color:#C0C0FF; font-family: Verdana,Arial,Helvetica,sans-serif; font-size: 10px;}
-->
  </style>
</head>
<body scroll="auto" leftmargin="10" topmargin="10" marginwidth="10" marginheight="10" bgcolor="#A70D01">
  <div id="overDiv" style="position:absolute; visibility:hidden; z-index:1000;"></div>
  <div align="center">
  <table border="0" cellspacing="0" cellpadding="0">
    <tr>
      <td rowspan="3"><a href="portal_new_protocol.php">
      <img name="top" src="images/spdde/portal/top/t1_1_1.gif" alt="" border="0" width="141" height="70" /></a></td>
      <td><img src="images/spdde/portal/top/t1_2_1.jpg" alt="" width="49" height="13" /></td>
      <td rowspan="3"><img src="images/spdde/portal/top/t1_3.jpg" alt="" width="10" height="70" /></td>
      <td><img src="images/spdde/portal/top/t1_4_1.jpg" alt="" width="49" height="13" /></td>
      <td rowspan="3"><img src="images/spdde/portal/top/t1_5.jpg" alt="" width="10" height="70" /></td>
      <td><img src="images/spdde/portal/top/t1_6_1.jpg" alt="" width="49" height="13" /></td>
      <td rowspan="3"><img src="images/spdde/portal/top/t1_7.jpg" alt="" width="10" height="70" /></td>
      <td><img src="images/spdde/portal/top/t1_8_1.jpg" alt="" width="49" height="13" /></td>
      <td rowspan="3"><img src="images/spdde/portal/top/t1_9.jpg" alt="" width="10" height="70" /></td>
      <td><img src="images/spdde/portal/top/t1_10_1.jpg" alt="" width="49" height="13" /></td>
      <td rowspan="3"><img src="images/spdde/portal/top/t1_11.jpg" alt="" width="10" height="70" /></td>
      <td><img src="images/spdde/portal/top/t1_12_1.jpg" alt="" width="49" height="13" /></td>
      <td rowspan="3">
      <img border="0" src="images/spdde/portal/top/logo_neue_staerke.jpg" width="206" height="70"></td>
      <td><img src="images/spdde/portal/top/t1_14_1.jpg" alt="" width="49" height="13" /></td>
      <td rowspan="3"><img src="images/spdde/portal/top/t1_15.jpg" alt="" width="10" height="70" /></td>
    </tr>
    <tr>
      <td><a target="_blank" href="http://www.spd.de/">
      <img border="0" src="images/spdde/portal/top/ch_quadrat_portal_aktiv.gif" width="49" height="49"></a></td>
      <td>
      <a target="_blank" href="http://www.spd.de/servlet/PB/menu/1009322/index.php">
      <img border="0" src="images/spdde/portal/top/ch_quadrat_presse_over.gif" width="49" height="49"></a></td>
      <td>
      <a target="_blank" href="http://www.spd.de/servlet/PB/menu/1009328/index.php">
      <img border="0" src="images/spdde/portal/top/ch_quadrat_netzwerk_over.gif" width="49" height="49"></a></td>
      <td><img src="images/spdde/portal/top/t1_8_2.gif" border="0" width="49" height="49" /></td>
      <td><img src="images/spdde/portal/top/t1_10_2.jpg" alt="" width="49" height="49" /></td>
      <td><img src="images/spdde/portal/top/t1_12_2.jpg" alt="" width="49" height="49" /></td>
      <td><a target="_blank" href="http://www.spd.de/">
      <img src="images/spdde/portal/top/t1_14_2.gif" border="0" alt="" width="49" height="49" /></a></td>
    </tr>
    <tr>
      <td><img src="images/spdde/portal/top/t1_2_3.jpg" alt="" width="49" height="8" /></td>
      <td><img src="images/spdde/portal/top/t1_4_3.jpg" alt="" width="49" height="8" /></td>
      <td><img src="images/spdde/portal/top/t1_6_3.jpg" alt="" width="49" height="8" /></td>
      <td><img src="images/spdde/portal/top/t1_8_3.jpg" alt="" width="49" height="8" /></td>
      <td><img src="images/spdde/portal/top/t1_10_3.jpg" alt="" width="49" height="8" /></td>
      <td><img src="images/spdde/portal/top/t1_12_3.jpg" alt="" width="49" height="8" /></td>
      <td><img src="images/spdde/portal/top/t1_14_3.jpg" alt="" width="49" height="8" /></td>
    </tr>
  </table>

  <table border="0" cellspacing="0" cellpadding="0" width="750">
    <tr>
      <td><a href="template.php">
      <img src="images/spdde/portal/top/t2.jpg" alt="" border="0" width="150" height="22" /></a></td>
      <td width="600" valign="middle" align="right">
      </td>
    </tr>
  </table>

  <table border="0" cellspacing="0" cellpadding="0" width="750">
    <tr>
      <td rowspan="2" width="150" valign="top">
        <table border="0" cellpadding="0" cellspacing="0">
          <tr><td><a target="_blank" href="http://www.spd.de/">
            <img src="images/spdde/portal/top/t3.jpg" alt="" border="0" width="150" height="58" /></a></td></tr>
          <tr><td><img src="images/spdde/common/trans.gif" width="1" height="16" alt="" border="0" /></td></tr>
        </table>
<!-- Beginn der Navigation-->        
<?php
include('./layout/navigation/left_navi.inc.php');
?>
<!-- Ende der Navigation-->

      </td>
      <td rowspan="2" valign="top"><img src="images/spdde/common/trans.gif" width="10" height="1" alt="" border="0" /></td>
      <td width="410" valign="top" bgcolor="#FDF8EF"> 
        <table border="0" cellpadding="0" cellspacing="0" bgcolor="#FCDAD0">
          <tr>
            <td rowspan="3"><img src="images/spdde/common/trans.gif" width="8" height="1" alt="" /></td>
            <td><img src="images/spdde/common/trans.gif" width="1" height="2" alt="" /></td>
            <td rowspan="3"><img src="images/spdde/common/trans.gif" width="2" height="1" alt="" /></td>
          </tr>
          <tr><td width="400" height="14" valign="middle" class="pathnolink">
            <a href="index.php">SPD-Nast&auml;tten.de</a> &gt;
            <a href="portal.php">Portal</a> &gt;
	    <a href="portal_protocol.php">Protokolle</a></td></tr>
          <tr><td><img src="images/spdde/common/trans.gif" width="1" height="2" alt="" /></td></tr>
        </table>

<!-- Ueberschrift mit rotem Balken-->
        
        <table border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td><img src="images/spdde/common/trans.gif" width="16" height="12" alt="" /></td>
            <td></td>
            <td></td>
          </tr>
          <tr>
            <td></td>
            <td width="14" valign="bottom"><img src="images/spdde/portal/basics/quadrat_rechts.gif" width="10" height="6" alt="" /></td>
            <td width="364" valign="bottom"><b>Protokolle</b></td>
          </tr>
          <tr>
            <td></td>
            <td><img src="images/spdde/portal/basics/quadrat_rechts.gif" width="10" height="2" alt="" /></td>
            <td></td>
          </tr>
          <tr>
            <td></td>
            <td colspan="2" bgcolor="#A70D01"><img src="images/spdde/common/trans.gif" width="1" height="2" alt="" /></td>
          </tr>
        </table>

<!-- Ueberschrift mit rotem Balken Ende-->

<!-- Inhaltstabelle-->


        <table border="0" cellspacing="0" cellpadding="0" height="335">
          <tr>
            <td rowspan="2" height="335"><img src="images/spdde/common/trans.gif" width="16" height="2" alt="" /></td>
            <td width="378" height="316" class="news"><p>Herzlich Willkommen <?php echo $_SESSION['vorname'] . " " . $_SESSION['name']; ?> im Internen Bereich der SPD Nast&auml;tten.<br><br>
Sie haben hier jetzt die M&ouml;glichkeit, Protokolle hochzuladen. Klicken Sie dazu auf das "Durchsuchen" Button rechts neben dem Textfeld und w&auml;hlen Sie Ihre Protokoll Datei aus.</p>
<p align="left">
<?php
require './system/upload/ivphpupconfig.php';

function Uploadfkt() {
global $ZulTypen;
global $MaximaleGroesse;
global $UploadPfad;
global $Benachrichtigung;
global $EMailAdresse;
global $Schutz;
global $GPasswort;
global $Scode;
setlocale(LC_TIME, "de_DE");
$datum = strftime('%A').', der '.date('d.m.Y H:i:s').' Uhr';
if( !isset($_POST['upload']) OR empty($_POST['upload']) ) {
$pfad = $_SERVER['PHP_SELF'];	
$user_id = $_SESSION['ID'];
echo <<<HTML
<form enctype="multipart/form-data" action="$pfad" method="post">
<h1>Dateiupload</h1>
<p>Protokoll Name:<br /><input name="protocol_name" type="text" /></p>
<p>Datei ausw&auml;hlen:<br /><input name="datei" type="file" /></p>
<p>Datum:<br /><input type="text" id="data" name="data" /> <img id="trigger" src="./modules/jscalendar/img.gif"  border="0" style="cursor: pointer; border: none;" title="Datum ausw&auml;hlen"></p>
<input type="hidden" name="protocol_user_id" value="$user_id">
<script type="text/javascript">
  Calendar.setup(
    {
      inputField  : "data",         // ID of the input field
      showsTime   : 1,
      showOthers  : 1,
      ifFormat    : "%d.%m.%Y/%H:%M",    // the date format
      button      : "trigger"       // ID of the button
    }
  );
</script>
HTML;

if ($Scode == "ja") {
$ScodeRnd = rand(11111,99999);
$_SESSION['scode'] = $ScodeRnd;
echo "Sicherheitscode: " .$ScodeRnd;
echo "<br /><input type=\"text\" name=\"scode\" />";
}

echo <<<HTML
<p><input type="submit" name="upload" class="formstyle" value="Datei hochladen!" />
</p>
HTML;
echo "Zul&auml;ssige Dateiendungen:<br />";
foreach($ZulTypen as $Dateitypes)
echo $Dateitypes, " ";
echo "<p />Zul&auml;ssige Dateigr&ouml;&szlig;e:<br />";
$TempMaxGroesse = $MaximaleGroesse / 1024 / 1024;
echo $TempMaxGroesse." MB";
} 
else 
{
$Dateiziel2 = $UploadPfad.$_FILES['datei']['name'];
$Dateiname = $_FILES['datei']['name'];
$ScodePost = $_POST['scode'];
$protocol_bigfoot = $_FILES['datei']['size'];
$protocol_name = $_POST['protocol_name'];
$protocol_time2 = $_POST['data'];
$change_time = DatumsWandler($protocol_time2);
$protocol_time = mktime($change_time[0],$change_time[1],$change_time[2],$change_time[3],$change_time[4],$change_time[5]);
$protocol_user_id = $_POST['protocol_user_id'];
$Dateiendung = substr( strtolower( strrchr($_FILES['datei']['name'], '.') ), 1 );
$Filename = mt_rand().".".$Dateiendung;
$Dateiziel = $UploadPfad.$Filename;
   	if ( empty($Dateiendung) OR !in_array($Dateiendung, $ZulTypen) ) 
	{
        echo "<h1>Fehler</h1><p />Diese Dateiendung ist nicht erlaubt.<p /><a href=\"".$_SERVER['PHP_SELF']."\">Zur&uuml;ck</a>";
        exit;
    	}

    	if ($_FILES['datei']['size'] > $MaximaleGroesse) 
	{
	$TempMaxGroesse = $MaximaleGroesse / 1024 / 1024;
        echo "<h1>Fehler</h1><p />Die Datei ist zu gro&szlig;. Sie darf h&ouml;chstens $TempMaxGroesse MB gro&szlig; sein.<p /><a href=\"".$_SERVER['PHP_SELF']."\">Zur&uuml;ck</a>";
        exit;
    	}
	
	if ($Scode == "ja") {

	if ($ScodePost != $_SESSION['scode']) 
	{
        echo "<h1>Fehler</h1><p />Der Sicherheitscode stimmt nicht.<p /><a href=\"".$_SERVER['PHP_SELF']."\">Zur&uuml;ck</a>";
        exit;
    	}
	}

	if (file_exists($Dateiziel)) 
	{
    	echo "<h1>Fehler</h1><p />Die Datei $Dateiname existiert schon. Ein &Uuml;berschreiben ist nicht erlaubt. Bitte wenden Sie sich an den Betreiber oder benennen Sie die Datei um.<p /><a 	href=\"".$_SERVER['PHP_SELF']."\">Zur&uuml;ck</a>";
        exit;
	} 
    
    	move_uploaded_file($_FILES['datei']['tmp_name'], $Dateiziel);
    	chmod($Dateiziel, 0644);
	$temp_SQL = "INSERT INTO spd_protocol (protocol_name,protocol_user_id,protocol_time,protocol_filename,protocol_bigfoot,protocol_path,protocol_typ) VALUES ('$protocol_name','$protocol_user_id','$protocol_time','$Filename','$protocol_bigfoot','./downloads/protokolle/','$Dateiendung')";
	if(mysql_query($temp_SQL)){}else{ echo mysql_error(); }


	if ($Benachrichtigung == "ja") 
	{
	mail("$EMailAdresse", "Neue Datei", "iV phpUP 1.5 teilt Ihnen mit, dass ($datum) die Datei $Dateiname hochgeladen wurde. (C) by www.innovanique.de");
	echo "<h1>Dateiupload</h1><p />Die Datei $Dateiname wurde erfolgreich hochgeladen. Der Betreiber wurde per E-Mail &uuml;ber Ihren Upload informiert. <p /><a href=\"".$_SERVER['PHP_SELF']."\">Zur&uuml;ck</a>"; 
	}
	
	else 
	{
	echo "<h1>Dateiupload</h1><p />Die Datei $Dateiname wurde erfolgreich hochgeladen. <p /><a href=\"".$_SERVER['PHP_SELF']."\">Zur&uuml;ck</a>"; 
	}
}
}

function Dateiupl() 
{
echo "Bitte lassen Sie den Link zu www.innovanique.de stehen. Beim Download haben Sie diese Lizenzbedingung anerkannt.";
}
if(md5($DateiUpl) === '82d21ef4c1e3bd8e9e891506b63e3bf1')
{
if(!isset($_SESSION['pw'])){ $_SESSION['pw'] = ''; }
if($_SESSION['pw'] != $GPasswort) 
{
	if ($Schutz=="ja")
	
	{
	if(isset($_POST['pass'])){
   	$testpw = $_POST['pass'];
	}else{
	$testpw = '';
	}

        	if ($testpw == $GPasswort)        	{
		$_SESSION['pw'] = $GPasswort;
       		Uploadfkt();
       		}else{ 
		echo "Bitte geben Sie das Passwort ein: <form method=\"post\" action=\"".$_SERVER['PHP_SELF']."\" method=\"post\"><input type=\"password\" name=\"pass\"><input type=\"submit\" value=\"Senden\"></form>"; 
        	}

	}else{
	Uploadfkt();
	}
}else{ 
Uploadfkt();
}
}else{
Dateiupl();
}
?>
<span class="copyright">
<p /><a href="http://www.innovanique.de"><? echo $DateiUpl; ?></a> | <a href="http://www.innovanique.de/downloads/ivphpup/">iV phpUP 1.5</a>
</span>
</p></td>
          </tr>
          <tr>
            <td width="378" height="19"> 
              &nbsp;</td>
          </tr>
        </table>
        
        
<!-- Inhaltstabelle Ende-->



      </td>
      <td rowspan="2"><img src="images/spdde/common/trans.gif" width="10" height="1" alt="" border="0" /></td>
      <td rowspan="2" width="170" valign="top" bgcolor="#FDF8EF">
        <table border="0" cellpadding="0" cellspacing="0" bgcolor="#FCDAD0">
          <tr><td><img src="images/spdde/common/trans.gif" width="170" height="18" alt="" /></td></tr>
        </table>

        <table border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td><img src="images/spdde/common/trans.gif" width="12" height="25" alt="" /></td>
            <td></td>
          </tr>
          <tr>
            <td></td>
            <td><img src="images/spdde/portal/basics/linie_2nd.gif" width="146" height="1" vspace="2" alt="" /></td>
          </tr>
          <tr>
            <td></td>
            <td width="146"><span class="navi4thnolink">Interaktiv</span></td>
          </tr>
        </table>


<!-- Eintrag Interaktiv Anfang -->        
        <?php
include('./layout/navigation/right_navi.inc.php');
?>
<!-- Eintrag Interaktiv Ende -->


        <table border="0" cellspacing="0" cellpadding="0">
          <tr><td><img src="images/spdde/common/trans.gif" width="12" height="1" alt="" /></td><td><img src="images/spdde/portal/basics/linie_2nd.gif" vspace="3" width="146" height="1" alt="" /></td></tr>
        </table>
        <table border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td><img src="images/spdde/common/trans.gif" width="12" height="2" alt="" /></td>
            <td width="146"><!-- Inhalt Infobox -->
            </td>
          </tr>
          <tr>
            <td><img src="images/spdde/common/trans.gif" width="1" height="12" alt="" /><p>&nbsp;</p>
            <p>&nbsp;</p>
            <p>&nbsp;</td>
            <td></td>
          </tr>
          <tr>
            <td>&nbsp;</td>
            <td>
            <a target="_blank" href="http://www.spd.de/servlet/PB/menu/1024315/index.php">
            <img border="0" src="images/spdkompakt_146x_2004_03_24.gif" width="145" height="62"></a></td>
          </tr>
          <tr>
            <td>&nbsp;</td>
            <td>&nbsp;</td>
          </tr>
          <tr>
            <td>&nbsp;</td>
            <td><a target="_blank" href="http://mitmachen.spd.de/">
            <img border="0" src="images/mitmachen_146x60_2005_03_02.gif" width="146" height="60"></a></td>
          </tr>
          <tr>
            <td>&nbsp;</td>
            <td>&nbsp;</td>
          </tr>
          <tr>
            <td>&nbsp;</td>
            <td>
            <a target="_blank" href="https://www.mitmachen.spd.de/servlet/PB/menu/1048672/index.html">
            <img border="0" src="images/mitglied_online.gif" width="146" height="60"></a></td>
          </tr>
          <tr>
            <td>&nbsp;</td>
            <td>&nbsp;</td>
          </tr>
          <tr>
            <td>&nbsp;</td>
            <td>&nbsp;</td>
          </tr>
          <tr>
            <td>&nbsp;</td>
            <td>&nbsp;</td>
          </tr>
        </table>
                            

      </td>
    </tr>
    <tr>  <!-- hier beginnt der footer -->
      <td width="410" valign="bottom" bgcolor="#FDF8EF">
        <table border="0" cellspacing="0" cellpadding="0" bgcolor="#FDF8EF">
          <tr>
            <td rowspan="4"><img src="images/spdde/common/trans.gif" width="16" height="1" alt="" /></td>
            <td><img src="images/spdde/common/trans.gif" width="1" height="10" alt="" /></td>
          </tr>
          <tr>
            <td valign="top"><a href="#top">
            <img src="images/spdde/portal/basics/hoch.gif" border="0" alt="" width="8" height="8" /></a></td>
          </tr>
          <tr>
            <td bgcolor="#A70D01"><img src="images/spdde/common/trans.gif" width="378" height="2" alt="" /></td>
          </tr>
          <tr>
            <td height="16" valign="middle" align="right">&copy; <?php echo $global_copy . " - " . $global_years; ?> &nbsp;<a href="impressum.php">Impressum</a></td>
          </tr>
        </table>
      </td>
    </tr>
  </table>

  </div>
</body>
</html>
<?php
//Hier Ende des authentifizierten Bereiches
}else{
header('Location: admin_false.php');
exit;
}
}else{
header('Location: false.php');
exit;
}
?>